Skip to content

Infrastructure

This section is the application's view of infrastructure — how the local dev stack is wired, how Cloud Build turns code into container images, how secrets reach the running app, what to expect at runtime. It's deliberately scoped to what an application engineer needs to know.

Where the actual cluster lives: DevOps

Terraform-managed cloud resources (GCP project, GKE cluster, VPC, IAM, AWS S3+CloudFront, Cloudflare DNS), Argo CD applications, Kubernetes manifests (deployments, services, ingresses, network policies), Postgres operations (CNPG), and cluster-side runbooks (deploy, rollback, scaling, disaster recovery) all live in the DevOps companion site. This section deliberately does not duplicate that content — it links out where details matter.

If you want to know… Read here Read in DevOps
How my code becomes an image Cloud Build Cloud Build infra
How my image reaches prod Deployment (overview) DevOps → Deploy (runbook), Argo CD
Where secrets come from Secrets (app perspective) Secrets Management (provisioning)
What runs in the cluster Tomoda K8s app, Postgres CNPG, Redis, Photon
How prod scales / autoscales DevOps → Scaling, SCALING_PLAN.md
Disaster recovery DevOps → DR

In this section

  • Overview

    Environments (local, dev, prod) and a high-level topology diagram of how requests flow through the stack — from the app's point of view.

  • Docker Compose

    The local infra stack — Postgres + PostGIS, Redis, MinIO, Photon — and the task dev workflow.

  • Cloud Build

    The CI pipelines that build backend and frontend container images and push them to Artifact Registry. The cloudbuild-*.yaml files in this repo are the source.

  • Deployment

    The app's view of how a git tag becomes a running pod — the high-level flow, with handoffs to DevOps for the cluster-side specifics.

  • Secrets

    The local .env.local workflow, the pull-secrets.sh script, and how secrets the app needs are sourced in prod (via DevOps's External Secrets Operator setup).

  • Photon

    The self-hosted Photon geocoding service — why it exists, how the backend uses it, and where the index lives. (Cluster-side deployment lives in DevOps.)